LEDE/OpenWRT — Restricting Network Access Based on MAC

Typically you would use your firewall to apply restrictions like this, however with devices of the type mac80211, you can set MAC based restrictions directly in your wireless configuration.

It’s worth pointing out that allowing/denying access via MAC address is not a foolproof security method. If someone can learn of one of your MAC addresses, they can spoof it and gain access. So while it can be used to boost privacy, relying on this as a security feature on it’s own is not a good idea.

That being said, this guide will walk you through how to easily hide your SSID.

SSH to your LEDE/OpenWRT device

If you are using Windows then start PuTTY and click Session on the left side, select SSH from the options, and then enter in the IP Address of your LEDE/OpenWRT box into the Host Name field.

Once you’ve done this just click on Open to start up the SSH connection.

PuTTY

If you are connecting via terminal, then just SSH to your LEDE/OpenWRT device using the following command, where 192.168.1.1 is your LEDE/OpenWRT device’s IP address.

ssh root@192.168.1.1

Configuration

First we need to access the wireless config file to make changes. So run the following command:

vi /etc/config/wireless

Once this is open, you will need to find the network you want to hide. This is relatively simple, just look for the SSID of your network.